rpm package
suse/openssl&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
Vulnerabilities (30)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-5407 | — | < 0.9.8j-0.106.18.1 | 0.9.8j-0.106.18.1 | Nov 15, 2018 | Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. | ||
| CVE-2018-0734 | — | < 0.9.8j-0.106.18.1 | 0.9.8j-0.106.18.1 | Oct 30, 2018 | The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fi | ||
| CVE-2016-7056 | — | < 0.9.8j-0.105.1 | 0.9.8j-0.105.1 | Sep 10, 2018 | A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. | ||
| CVE-2018-0732 | — | < 0.9.8j-0.106.12.1 | 0.9.8j-0.106.12.1 | Jun 12, 2018 | During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client | ||
| CVE-2018-0737 | — | < 0.9.8j-0.106.15.1 | 0.9.8j-0.106.15.1 | Apr 16, 2018 | The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affec | ||
| CVE-2018-0739 | — | < 0.9.8j-0.106.9.1 | 0.9.8j-0.106.9.1 | Mar 27, 2018 | Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from u | ||
| CVE-2016-8610 | Hig | 7.5 | < 0.9.8j-0.105.1 | 0.9.8j-0.105.1 | Nov 13, 2017 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amoun | |
| CVE-2016-6306 | Med | 5.9 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 26, 2016 | The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. | |
| CVE-2016-6304 | Hig | 7.5 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 26, 2016 | Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions. | |
| CVE-2016-6303 | Cri | 9.8 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 16, 2016 | Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. | |
| CVE-2016-6302 | Hig | 7.5 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 16, 2016 | The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. | |
| CVE-2016-2182 | Cri | 9.8 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 16, 2016 | The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors | |
| CVE-2016-2181 | Hig | 7.5 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 16, 2016 | The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, re | |
| CVE-2016-2179 | Hig | 7.5 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 16, 2016 | The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simulta | |
| CVE-2016-2183 | Hig | 7.5 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Sep 1, 2016 | The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura | |
| CVE-2016-2178 | Med | 5.5 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Jun 20, 2016 | The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. | |
| CVE-2016-2177 | Cri | 9.8 | < 0.9.8j-0.102.2 | 0.9.8j-0.102.2 | Jun 20, 2016 | OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, | |
| CVE-2016-2109 | Hig | 7.5 | < 0.9.8j-0.97.1 | 0.9.8j-0.97.1 | May 5, 2016 | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding. | |
| CVE-2016-2108 | Cri | 9.8 | < 0.9.8j-0.97.1 | 0.9.8j-0.97.1 | May 5, 2016 | The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue. | |
| CVE-2016-2106 | Hig | 7.5 | < 0.9.8j-0.97.1 | 0.9.8j-0.97.1 | May 5, 2016 | Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. |
- CVE-2018-5407Nov 15, 2018affected < 0.9.8j-0.106.18.1fixed 0.9.8j-0.106.18.1
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
- CVE-2018-0734Oct 30, 2018affected < 0.9.8j-0.106.18.1fixed 0.9.8j-0.106.18.1
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fi
- CVE-2016-7056Sep 10, 2018affected < 0.9.8j-0.105.1fixed 0.9.8j-0.105.1
A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.
- CVE-2018-0732Jun 12, 2018affected < 0.9.8j-0.106.12.1fixed 0.9.8j-0.106.12.1
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client
- CVE-2018-0737Apr 16, 2018affected < 0.9.8j-0.106.15.1fixed 0.9.8j-0.106.15.1
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affec
- CVE-2018-0739Mar 27, 2018affected < 0.9.8j-0.106.9.1fixed 0.9.8j-0.106.9.1
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from u
- affected < 0.9.8j-0.105.1fixed 0.9.8j-0.105.1
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amoun
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, re
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simulta
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
- affected < 0.9.8j-0.102.2fixed 0.9.8j-0.102.2
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior,
- affected < 0.9.8j-0.97.1fixed 0.9.8j-0.97.1
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
- affected < 0.9.8j-0.97.1fixed 0.9.8j-0.97.1
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.
- affected < 0.9.8j-0.97.1fixed 0.9.8j-0.97.1
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
Page 1 of 2